Built-in Immutability for Cyber Resiliency
Imagine one or more of your systems is unavailable because of some malicious attack, whether a nasty virus, ransomware, or sabotage from a disgruntled employee. No worries, these things happen — you’ll recover from backup. Except you discover that your backups have been compromised in the same manner.
This is usually where the term air gap gets dropped. Someone will say, “you need a truly offline backup — tape! There’s no way ransomware can get into a tape backup!” While that’s true, how long does it take to recover from tape stored in a land somewhere far, far away? If a backup takes so long to restore that there’s major financial or business impact, does it actually exist? Realistically, there are ways to protect your data stored by backup systems even without this gap.
I previously wrote a blog post about immutable infrastructures, but compute infrastructures are not the only way that immutability matters in the data center. Immutable, by definition, means the state is set or inflexible once constructed. In other words, it cannot be changed. The goal is to build a more reliable automated compute infrastructure in order to enable stable continuous delivery.
Data is becoming more and more lucrative for attackers, especially as enterprises adopt data-driven business models and decision tactics. More organizations are opting to pay ransom than ever before, as recovering from ransomware is often complex and time-consuming, and oftentimes, the backups themselves are encrypted or deleted from an attack.
Data is essential for companies, and it is going to spell an era of innovation as companies attempt to balance security concerns with figuring out how to manage massive amounts of data. I think the same goals apply to data management: ingest, manage, and store data immutably; any modifications are made using a new copy — leaving the original untarnished; and all of this should be done continuously using automation.
Data immutability protects against the most common causes of data loss and data manipulation, including:
- Malicious activity, such as viruses and ransomware
- Administrative mishaps or purposeful sabotage
- Application bugs
All applications and data ingested by Rubrik are stored in an immutable manner. Once ingested, no external or internal operation can modify the data. Data managed by Rubrik is never available in a Read/Write state to the client. This is true even during a restore or Live Mount operation. Since data cannot be overwritten, even infected data later ingested by Rubrik cannot infect other existing files or folders.
Ransomware is getting increasingly advanced, putting the integrity of backups at greater risk. Data managed by Rubrik is immutable and cannot be encrypted after the fact. Therefore, your data is immune to this type of malicious activity.
Built-in immutability combined with data encryption at-rest and in-transit, as well as with granular role-based access control built into the product, Rubrik provides a holistic stance on security, data integrity, and ransomware remediation.
Want to learn more? See how Kern Medical Center defends against ransomware with Rubrik’s immutable backups. Or check out this video with Founding Engineer Adam Gee on building the Atlas File System from the ground up.